Lucene search
K

13 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2020-5398

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is vulnerable to a...

8CVSS7AI score0.88077EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2024/12/11 12:0 a.m.17 views

Oracle Siebel Server <= 21.1 (April 2021 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by a vulnerability as referenced in the April 2021 CPU advisory. - Vulnerability in the Siebel Engineering - Installer and Deployment product of Oracle Siebel CRM component: Siebel Approval Manager Spring Framework...

8CVSS8AI score0.88077EPSS
Exploits2References3
Check Point Advisories
Check Point Advisories
added 2022/10/03 12:0 a.m.8 views

Vmware Spring Framework Remote Code Execution (CVE-2020-5398)

A remote code execution vulnerability exists in VMware Spring Framework. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.6CVSS5.4AI score0.88077EPSS
Exploits2
Atlassian
Atlassian
added 2021/02/03 10:45 p.m.108 views

Update application links to 5.4.23 to fix CVE-2020-5398

Affected versions of Atlassian FishEye and Crucible allow remote attackers to view sensitive information via an Information Disclosure vulnerability in a vulnerable version of the Application Links component. The affected versions are before version 4.8.6. Affected versions: version 4.8.6 Fixed...

8CVSS5AI score0.88077EPSS
Exploits2Affected Software1
Atlassian
Atlassian
added 2021/02/03 10:39 p.m.80 views

Update Atlassian Platform to 3.5.19 to fix CVE-2018-1000613, CVE-2019-17571 and other vulnerabilities

Update Atlassian Platform from 3.5.17 to 3.5.19. The new platform version brings changes in the following libraries: update com.atlassian.applinks: from 5.4.21 to 5.4.23 update com.atlassian.plugins: from 4.4.10 to 4.4.14 update com.atlassian.sal: from 3.1.2 to 3.1.3 update com.atlassian.streams:...

9.8CVSS7.8AI score0.88077EPSS
Exploits6
RedHat Linux
RedHat Linux
added 2020/12/16 12:11 p.m.179 views

Important: Red Hat Security Advisory: Red Hat Fuse 7.8.0 release and security update

A minor version update from 7.7 to 7.8 is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...

9.8CVSS8AI score0.95586EPSS
Exploits12References39
Atlassian
Atlassian
added 2020/02/17 6:0 a.m.64 views

Spring Framework Vulnerability - CVE-2020-5398

h3. Issue Summary Security vulnerability scan gave a red flag for Spring Framework plugin version that is used in Bitbucket Server version 6.10.0. The CVE-2020-5398 is being noted from the report scan. h3. Description Plugin: Spring Framework 5.0.x 5.0.16 / 5.1.x 5.1.13 / 5.2.x 5.2.3 Spring...

8CVSS3.3AI score0.88077EPSS
Exploits2
Atlassian
Atlassian
added 2020/02/17 6:0 a.m.268 views

Spring Framework Vulnerability - CVE-2020-5398

h3. Issue Summary Security vulnerability scan gave a red flag for Spring Framework plugin version that is used in Bitbucket Server version 6.10.0. The CVE-2020-5398 is being noted from the report scan. h3. Description Plugin: Spring Framework 5.0.x 5.0.16 / 5.1.x 5.1.13 / 5.2.x 5.2.3 Spring...

8CVSS3.3AI score0.88077EPSS
Exploits2Affected Software1
RedhatCVE
RedhatCVE
added 2020/02/06 5:44 p.m.50 views

CVE-2020-5398

A flaw was found in springframework in versions prior to 5.0.16, 5.1.13, and 5.2.3. A reflected file download RFD attack is possible when a "Content-Disposition" header is set in response to where the filename attribute is derived from user supplied input. The highest threat from this vulnerabili...

8CVSS4.4AI score0.88077EPSS
Exploits2References4
vulnersOsv
vulnersOsv
added 2020/01/21 8:59 p.m.7 views

ai.hyacinth.framework:core-service-admin-server (>=0.5.8 <=0.5.21), ai.hyacinth.framework:core-service-gateway-server (>=0.5.8 <=0.5.21) +38 more potentially affected by CVE-2020-5398 via org.springframework:spring-webflux (>=5.1.0.RELEASE <=5.1.12.RELEASE)

org.springframework:spring-webflux MAVEN version =5.1.0.RELEASE, =0.5.8, =0.5.8, =0.5.8, =0.5.0, =1.1.1.RELEASE, =1.0.6.RELEASE, =1.0.0, =1.3.5, =1.0.4.RELEASE, =1.7.0, =1.1.1-Greenwich, =1.1.1-Greenwich, =1.1.2-Greenwich and more Source cves: CVE-2020-5398 Source advisory: OSV:GHSA-8WX2-9Q48-VM9...

8CVSS7AI score0.88077EPSS
Exploits2
vulnersOsv
vulnersOsv
added 2020/01/21 8:59 p.m.5 views

ai.ylyue:yue-library-base (>=Finchley.SR2.SR1 <=Finchley.SR4.1), ai.ylyue:yue-library-base-crypto (>=Finchley.SR4 <=Finchley.SR4.1) +754 more potentially affected by CVE-2020-5398 via org.springframework:spring-webmvc (>=5.0.0.RELEASE <=5.0.15.RELEASE)

org.springframework:spring-webmvc MAVEN version =5.0.0.RELEASE, =Finchley.SR2.SR1, =Finchley.SR4, =Finchley.SR2.SR1, =Finchley.SR2.SR1, =Finchley.SR4, =2.0.3.RELEASE, =2.0.2.RELEASE, =1.0.3.RELEASE, =3.1.0, =3.1.0, =2.0.7, =2.0.11 - ch.rasc:wamp2spring =1.0.0 - ch.rasc:wamp2spring-security =1.0.0...

8CVSS7AI score0.88077EPSS
Exploits2
GithubExploit
GithubExploit
added 2020/01/17 5:35 a.m.25 views

Exploit for Cross-site Scripting in Vmware Spring_Framework

CVE-2020-5398 - RFDReflected File Download Attack for Spring...

8CVSS8AI score0.88077EPSS
Exploits2
CVE
CVE
added 2020/01/16 11:55 p.m.577 views

CVE-2020-5398

CVE-2020-5398 (Spring Framework) affects Spring Framework versions: 5.0.x before 5.0.16, 5.1.x before 5.1.13, and 5.2.x before 5.2.3. The vulnerability is a reflected file download (RFD) attack triggered when an application sets a Content-Disposition header whose filename is derived from user inp...

8CVSS7.3AI score0.88077EPSS
Exploits2References44Affected Software1
Rows per page
Query Builder